SUSE-SU-2026:0584-1

CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory (bsc#1258008).
CVE-2026-2004: intarray missing validation of type of input to selectivity estimator could lead to arbitrary code execution (bsc#1258009).
CVE-2026-2005: buffer overrun in contrib/pgcrypto's PGP decryption functions could lead to arbitrary code execution (bsc#1258010).
CVE-2026-2006: inadequate validation of multibyte character lengths could lead to arbitrary code execution (bsc#1258011).
CVE-2026-2007: pg_trgm heap buffer overflow can cause to write pattern onto server memory (bsc#1258012).

References

Affected packages

SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise Server 15 SP4-LTSS

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise Server 15 SP5-LTSS

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise Server for SAP Applications 15 SP4

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"

SUSE:Linux Enterprise Server for SAP Applications 15 SP5

postgresql18

Package

Name: postgresql18
Purl: pkg:rpm/suse/postgresql18&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.2-150200.5.6.1

Ecosystem specific

{
    "binaries": [
        {
            "libpq5-32bit": "18.2-150200.5.6.1",
            "libecpg6": "18.2-150200.5.6.1",
            "libpq5": "18.2-150200.5.6.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0584-1.json"